December 2, 2010US House of RepresentativesCommittee on Energy and CommerceSubcommittee on Commerce, Trade & Consumer ProtectionMr. Chairman and Members of the Subcommittee,Thank you for the invitation to appear today to help the committeeaddress this very important subject.“Social networking” offers immense economic, educational andpersonal opportunities for people everywhere. Rapid adoption of technologies for sharing information among socially connectedbut geographically dispersed groups is changing how we live, howwe work, and how our children learn about the world. But socialnetworking as we presently use it is technically arranged as “cen-tralized” services, in which one party—let us call it “Facebook”for convenience—keeps all the data that everyone is sharing witheveryone else in one big database. The service provider absolutelycontrols this database, which they can access however they like,regardless of the controls over third party access to the data, andwhich they can build proﬁtable “data mining” activities atop.This situation, in which one business controls all the shared data of hundreds of millions of people, is not a technical requirement, butrather a bad design decision grown out of control. The Internet andthe World Wide Web, which are the technical infrastructures onwhich social network applications sit, does not require centralizedcontrol of shared data. All the technical features people like aboutsocial networking could be delivered to them without centralizeddata storage and the resulting privacy invasions.

Facebook and similar centralized social networking services liketo talk about their “privacy settings.” This is mere deception,a simple act of deliberate confusion. These “privacy settings”merely determine what one user can see of another user’s privatedata. The grave, indeed fatal, design error in social networkingservices like Facebook isn’t that Johnny can see Billy’s data. It’sthat the service operator has uncontrolled access to

everybody’s

data, regardless of the so-called “privacy settings.”Facebook holds and controls more data about the daily lives andsocial interactions of half a billion people than 20th-century to-talitarian governments ever managed to collect about the peoplethey surveilled. As viewers of a recent motion picture are aware,Facebook was not the result of careful, thoughtful developmentby technologists concerned with the ethical dimension of informa-tion technology. Instead, immature technology created by imma-ture people has become popular, and valuable, despite its manifestdefects. Because those defects are potentially proﬁtable, givingthe holder of social network databases unparalleled access to peo-ple’s internal lives, unregulated commercial activity will not solvethe problem of initial technological misdesign: commercial mo-tives uncontrolled by regulation in the public interest will makethe problem worse.The nature of the technological redesign required to give peopleeverywhere the ubiquitous beneﬁts of social networking withoutthe negative consequences of centralized for-proﬁt spying is well-understood. Mr. Rafael Sofaer, from whom you have alreadyheard, is one of the young technologists working to replace thepoor design that yielded Facebook with designs that can serveindividual needs without harming the public interest in mainte-nance of individual privacy. He and his colleagues in the Dias-pora project, along with hundreds of other volunteers in the freesoftware and open source movement who make great computersoftware to share, are already bringing into existence the second-generation social network architecture that offers sharing to ev-eryone, without putting anybody in the middle, holding all thedata for everybody else. Using a social network service like Face-

2

book means that every time you

access

anybody else’s shared data,you’re making a record about yourself. Facebook knows not onlywhat everybody posts, but also what everybody reads. Users of systems like Diaspora, however, can be sure that only the partiesactually sharing know who accesses their data: no one else knowswhetherSusieischeckingBilly’spage, andeverythingBillyshareshe shares from a safe place under his own, not Mr. Zuckerberg’s,control.But regulation of social networking technology in the interest of privacy can’t work by regulating technology. Government cannotdetermine what innovations

will

happen, let alone determine what

should

happen. Nor can agency rulemaking—which is a slow andcomplex process that powerful businesses can more easily inﬂu-ence than individuals—be counted upon to respond with speed andagility to market developments that harm the public interest.Instead, Congress should look at privacy questions from the sameregulatory perspective used to address the issue of environmen-tal quality, when—under the Nixon Administration—the FederalGovernment began making serious attempts to improve the envi-ronmental health of the United States. We need a National PrivacyPolicy Act, like the National Environmental Policy Act, in whichCongress declares the clear overall national goals to be pursued,and requires federal agencies to assess all their regulatory activi-ties in light of those goals. As with environmental law, Congressneeds to entrust a lead agency with the primary responsibility forbringing to bear technical as well as legal and political resources inthat effort. The Federal Trade Commission is plainly suited to therole of lead agency on privacy, and its traditional mode of activitysince 1915, namely the investigation and “prosecution” of com-plaints, is the appropriate regulatory style. The FTC can and doesbehave with the agility and perseverence necessary to obtain com-pliance with the public interest in complex and fast-changing mar-ketplaces. Empowered by clear and speciﬁc Congressional decla-rations of national privacy policy, the Commission would be wellpositioned to use its traditional tools to protect the public interest.